<html>

<body>

<?PHP
session_cache_limiter('private, must-revalidate');
session_start();

if(isset($_POST['submitToFav']))
  {
    include('std_dbs.php');

    $title = addslashes($_POST['title']);
    $rating = addslashes($_POST['rating']);
    $comment = addslashes($_POST['comment']);
    $userId = $_SESSION['userid'];

    unset($_POST['submit']);

    // get movie id
    $query = "SELECT MOVID FROM MOVIES WHERE MOVTITLE = '$title'";
    echo $query."<br />";
    $stid = oci_parse($connect, $query);
    if($stid == false)
      {
	$e = oci_error($connect);
	echo "ERROR: error parsing query to get movie id <br />";
	echo "MSG: ".$e['message']."<br />";
	exit;
      }

    $r = oci_execute($stid);

    if($r == false)
      {
	$e = oci_error($connect);
	echo "ERROR: error executing query to get movie id<br />";
	echo "MSG: ".$e['message']."<br />";
	exit;
      }

    $row = oci_fetch_array($stid, OCI_ASSOC);
    $movId = $row['MOVID'];

    if($comment == "Enter your review here.")
      {
	$comment = "";
      }

    $query = "INSERT INTO USERCONTENT (USERID, MOVID, CONTENTID, CONTENTTYPE, CREATEDATE, RATING, TEXT) VALUES ('$userId', '$movId', DEFAULT, '3', SYSDATE, '$rating', '$comment')";
        echo $query."<br />";
    $stid = oci_parse($connect, $query);
    if($stid == false)
      {
	$e = oci_error($connect);
	echo "ERROR: error parsing query to insert favorite<br />";
	"MSG: ".$e['message']."<br />";
	exit;
      }

    $r = oci_execute($stid);

    if($r == false)
      {
	$e = oci_error($stid);
	echo "ERROR: error executing query to insert favorite<br />";
	echo "MSG: ".$e['message']."<br />";
	exit;
      }
    
    echo "Success.";
    
  }
?>

</body>

</html>
